The Charlotte, North Carolina-based healthcare company, “Atrium Health,” confirmed that on November 27, 2018, that it had suffered a data breach. Unknown threat actors were able to gain illicit access to Atrium’s billing vendor “AccuDoc” server and patient information between September 22 and 29, 2018. AccuDoc identified the breach on October 1, 2018. This breach is believed to affect approximately 2.65 million individuals out of which 700,000 may have had their social security numbers compromised. Other compromised data consists of: account balance, dates of service, insurance policy information, and medical record numbers. Atrium stated that while the information was accessed, none of it appeared to have been downloaded.

Recommendation: Leaks of this sort leads victims to be at a large risk of phishing attacks. Actors can use this information to coerce more personal data from the victim. Individuals who have accounts associated to this story should change their passwords as soon as possible, particularly if passwords for said accounts are the same to other online accounts.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.